Re: [OAUTH-WG] Signature crypto
Breno <breno.demedeiros@gmail.com> Fri, 04 December 2009 18:46 UTC
Return-Path: <breno.demedeiros@gmail.com>
X-Original-To: oauth@core3.amsl.com
Delivered-To: oauth@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 959F03A6A1F for <oauth@core3.amsl.com>; Fri, 4 Dec 2009 10:46:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.298
X-Spam-Level:
X-Spam-Status: No, score=-2.298 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_33=0.6]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xyIK2orqGq8Q for <oauth@core3.amsl.com>; Fri, 4 Dec 2009 10:46:24 -0800 (PST)
Received: from mail-gx0-f228.google.com (mail-gx0-f228.google.com [209.85.217.228]) by core3.amsl.com (Postfix) with ESMTP id AF3013A63EB for <oauth@ietf.org>; Fri, 4 Dec 2009 10:46:24 -0800 (PST)
Received: by gxk28 with SMTP id 28so2454253gxk.9 for <oauth@ietf.org>; Fri, 04 Dec 2009 10:46:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=ClvfAhcIzs5FbkHE9f4Xr2zlwYPicfofKvg10mVN7tg=; b=IN52JHgaNV4yfBgHk/7R20LmP5qdcailHHFiXscQ16u1VWWOVLBCegwoYL3pq5PzU5 U6yHO6prtnVIRZ+tySucTfu7/ya/geq2+RYMC+s9TRC7EDbRvNtsnTwLxt2iR7IYY288 MjjjvJEo7IsjobggttozBXdB7hcoiV6QU9/+o=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=UJuGwSoAWftdugU7G/g68VVz/XCBeOKaJSWjY7ItvmQahxvakwZzWUC6Xodi0C0lRK RRfTttVk5vmLgjNRjZWBTxX+KGauIYswLWmx95meGXbWM5/AbfP8DaBYYdtpP3F48PfI yZfE1rSqnC9O5pQiPvELREF0JQrAkLGuEZmQ8=
MIME-Version: 1.0
Received: by 10.101.182.20 with SMTP id j20mr4458549anp.65.1259952367614; Fri, 04 Dec 2009 10:46:07 -0800 (PST)
In-Reply-To: <90C41DD21FB7C64BB94121FBBC2E7234378529368E@P3PW5EX1MB01.EX1.SECURESERVER.NET>
References: <90C41DD21FB7C64BB94121FBBC2E72343785183009@P3PW5EX1MB01.EX1.SECURESERVER.NET> <90C41DD21FB7C64BB94121FBBC2E723437852097FC@P3PW5EX1MB01.EX1.SECURESERVER.NET> <255B9BB34FB7D647A506DC292726F6E1124A7241F7@WSMSG3153V.srv.dir.telstra.com> <90C41DD21FB7C64BB94121FBBC2E72343785293671@P3PW5EX1MB01.EX1.SECURESERVER.NET> <f98165700912041016k10366b88tb001f7700405083f@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E72343785293683@P3PW5EX1MB01.EX1.SECURESERVER.NET> <f98165700912041023y3207d801r42f01c7a0c4352bb@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E7234378529368A@P3PW5EX1MB01.EX1.SECURESERVER.NET> <f98165700912041029h6d615ea4gd0abab68fe984f87@mail.gmail.com> <90C41DD21FB7C64BB94121FBBC2E7234378529368E@P3PW5EX1MB01.EX1.SECURESERVER.NET>
Date: Fri, 04 Dec 2009 10:46:07 -0800
Message-ID: <f98165700912041046y352a7160o2c1c0fce124948b4@mail.gmail.com>
From: Breno <breno.demedeiros@gmail.com>
To: Eran Hammer-Lahav <eran@hueniverse.com>
Content-Type: multipart/alternative; boundary="001636c928df4e3ded0479eb85fc"
Cc: "OAuth WG (oauth@ietf.org)" <oauth@ietf.org>
Subject: Re: [OAUTH-WG] Signature crypto
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Dec 2009 18:46:25 -0000
Yes, they all do. On Fri, Dec 4, 2009 at 10:34 AM, Eran Hammer-Lahav <eran@hueniverse.com>wrote: > Do all MAC functions work like this: > > > > digest = mac(key, text) > > > > It would be hard to generalize a signature method if not. > > > > EHL > > > > *From:* Breno [mailto:breno.demedeiros@gmail.com] > *Sent:* Friday, December 04, 2009 10:30 AM > *To:* Eran Hammer-Lahav > *Cc:* OAuth WG (oauth@ietf.org) > > *Subject:* Re: [OAUTH-WG] Signature crypto > > > > > > > > methods=”HMAC:sha-1,sha-256” > > > > The client replies: > > > > method=”HMAC:sha-256” > > > > 2. MAC-generic: > > > > The server sends: > > > > methods=”MAC:hmac-sha1,hmac-sha256” > > > > > > I pick the second. It's the right level of abstraction and actually > slightly easier to implement. > -- Breno de Medeiros
- [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Peter Saint-Andre
- Re: [OAUTH-WG] Signature crypto Stephen Farrell
- Re: [OAUTH-WG] Signature crypto Infinity Linden (Meadhbh Hamrick)
- Re: [OAUTH-WG] Signature crypto Hubert Le Van Gong
- Re: [OAUTH-WG] Signature crypto Vrancken Bart bv
- Re: [OAUTH-WG] Signature crypto Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Stephen Farrell
- Re: [OAUTH-WG] Signature crypto Stephen Farrell
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Infinity Linden (Meadhbh Hamrick)
- Re: [OAUTH-WG] Signature crypto John Kemp
- Re: [OAUTH-WG] Signature crypto Brian Eaton
- Re: [OAUTH-WG] Signature crypto Ben Laurie
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Manger, James H
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Brian Eaton
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Stephen Farrell
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Brian Eaton
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Paul C. Bryan
- Re: [OAUTH-WG] Signature crypto stephen.farrell
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Eran Hammer-Lahav
- Re: [OAUTH-WG] Signature crypto Richard Barnes
- Re: [OAUTH-WG] Signature crypto Breno
- Re: [OAUTH-WG] Signature crypto Richard L. Barnes